On 1/30/08, Jim Dandy <[EMAIL PROTECTED]> wrote:
> The stuff I've read so far on setting up a Server 2003 box to do VPN has
> you use a machine with two NICs in it and direct all traffic from the
> internet through that box (in one NIC and out the other). Only a very
> small amount of traffic between my LAN and the internet will be VPN. I
> don't particularly want to route everything through that box. It
> creates another single point of failure that could take my network out.
> Does it have to be configured that way? I envisioned it working on a
> box on my LAN with a single NIC and that packets coming into the NIC
> would be stripped of encryption and redirected out the same NIC where
> they came in. Can it work that way or am I just stupid to think that
> it's possible to do it that way?
>
> Thanks for your help.

Oh, yes - very possible. I've done it that way a long time ago with NT 3.51/4. Works like a champ.

However, just in the interest of the cool factor, and depending on your needs, I'd also suggest taking a look at this:

http://3sp.com/showSslExplorerCommunity.do

This version is free, it's available for Windows, and there's an enterprise version with more features if you want. It's an SSL VPN product that presents the user with a web page that you can populate with, for instance, your intranet web site, or an RDP interface to your TS server or their own desktop, or a web interface to your file server, etc. It's really sweet.

I happen to be implementing it on FreeBSD, but since it's written in Java/Ant, it's really portable. I find myself giggling at odd moments at just how easy and cool this is, and when I roll it out, I think my users will too.

Kurt
